-
Notifications
You must be signed in to change notification settings - Fork 3
restful workflow engine based on Rack and ruote (Warning : ruote-rest will be replaced by ruote-kit soon)
License
jmettraux/ruote-rest
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
** Note : most of this documentation got integrated into README.txt Thanks to Gonzalo and Nando for all their work ! ** This is a draft for a new authentication model in ruote-rest. authors: Gonzalo <gonzalo@abstra.cc> "Nando Sola"<nando@abstra.cc> Our main goal was to avoid storing passwords in plain text (conf/authentication.yaml) All authentication info is stored in "ruoterest_#{stage}" - The following tables are created USERS (inspired by ruote-web2) +------------+--------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +------------+--------------+------+-----+---------+----------------+ | id | int(11) | NO | PRI | NULL | auto_increment | | login | varchar(255) | YES | UNI | NULL | | | name | varchar(255) | YES | MUL | NULL | | | password | varchar(255) | YES | | NULL | | | email | varchar(255) | YES | MUL | NULL | | | created_at | datetime | YES | MUL | NULL | | | updated_at | datetime | YES | MUL | NULL | | +------------+--------------+------+-----+---------+----------------+ HOSTS (IP whitelisting and ToD filter) +---------+--------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +---------+--------------+------+-----+---------+----------------+ | id | int(11) | NO | PRI | NULL | auto_increment | | ip | varchar(255) | YES | | NULL | | | trusted | varchar(255) | YES | | NULL | | | from | varchar(255) | YES | | NULL | | | to | varchar(255) | YES | | NULL | | +---------+--------------+------+-----+---------+----------------+ Passwords --------- So far, we've successfully implemented the following password storage schemes: * {SSHA} * {SMD5} * {...} It's easily extensible An 8-byte salt is included in the b64 passwd string (a la Directory Server) Hosts table: ------------ attributes: * 'ip': as for now, every host making requests to ruote-rest must be stored in this table. * 'trusted': 'false' or 'true' for whitelist inclussion, thus disabling ToD and user/passwd checks. * 'from' - 'to': Time of Day filter. Set a valid interval to use ruote-rest or NULL. Included files: --------------- ./newauth-ruoterest +tasks authmodel.rake +fixtures users.yml hosts.yml +test test_newauth.rb README +conf auth_models.rb password.rb auth.rb Usage: ------ git clone git://github.com/jmettraux/ruote-rest.git cp newauth.tar ruote-rest; tar xvf newauth.tar edit Rakefile: 50 load 'tasks/ruote.rake' 51 load 'tasks/mysql.rake' ---> 52 load 'tasks/authmodel.rake' edit tasks/fixtures/hosts.yaml and make sure everything looks OK gem install rest-client in order to run our tests rake ruote:install edit conf/database.yaml and tasks/mysql.rake and make the appropriate changes to db_name, :user and :passwd rake mysql:setup; rake authmodel:setup; rake authmodel:fixtures Now lets rock! ruby lib/start.rb & or daemonize Now we can roll the unit tests: cd test ruby test_newauth.rb - they aren't complete yet, but the main features are tested. Test users: ----------- username: charly, bob, admin, alice password: secret Test hosts: ----------- st_01: id: 1 ip: "192.168.168.1" trusted: false from: 9 to: 17 host_02: id: 2 ip: "192.168.168.128" trusted: false from: NULL to: NULL host_03: id: 3 ip: "127.0.0.1" trusted: true from: NULL to: NULL ****** Feel free to play with them, i.e. adding/deleting/modifying on the fly. If you wanna use a real REST client from a remote host, try: http://code.google.com/p/rest-client/ ****** Post any suggestions/corrections at the list http://groups.google.com/group/openwferu-users Thanks John for this great project
About
restful workflow engine based on Rack and ruote (Warning : ruote-rest will be replaced by ruote-kit soon)
Resources
License
Stars
Watchers
Forks
Packages 0
No packages published